api/v3/Generic/Setvalue.php

   1 <?php
   2 /**
   3  * params must contain at least id=xx & {one of the fields from getfields}=value
   4  */
   5 function civicrm_api3_generic_setValue($apiRequest) {
   6   $entity = $apiRequest['entity'];
   7   $params = $apiRequest['params'];
   8   // we can't use _spec, doesn't work with generic
   9   civicrm_api3_verify_mandatory($params, NULL, array('id', 'field', 'value'));
  10   $id = $params['id'];
  11   if (!is_numeric($id)) {
  12     return civicrm_api3_create_error(ts('Please enter a number'), array('error_code' => 'NaN', 'field' => "id"));
  13   }
  14
  15   $field = CRM_Utils_String::munge($params['field']);
  16   $value = $params['value'];
  17
  18   $fields = civicrm_api($entity, 'getFields', array('version' => 3, 'action' => 'create', "sequential"));
  19   // getfields error, shouldn't happen.
  20   if ($fields['is_error'])
  21   return $fields;
  22   $fields = $fields['values'];
  23
  24   if (!array_key_exists($field, $fields)) {
  25     return civicrm_api3_create_error("Param 'field' ($field) is invalid. must be an existing field", array("error_code" => "invalid_field", "fields" => array_keys($fields)));
  26   }
  27
  28   $def = $fields[$field];
  29   if (array_key_exists('required', $def) && empty($value)) {
  30     return civicrm_api3_create_error(ts("This can't be empty, please provide a value"), array("error_code" => "required", "field" => $field));
  31   }
  32
  33   switch ($def['type']) {
  34     case 1:
  35       //int
  36       if (!is_numeric($value)) {
  37         return civicrm_api3_create_error("Param '$field' must be a number", array('error_code' => 'NaN'));
  38       }
  39
  40     case 2:
  41       //string
  42       if (!CRM_Utils_Rule::xssString($value)) {
  43         return civicrm_api3_create_error(ts('Illegal characters in input (potential scripting attack)'), array('error_code' => 'XSS'));
  44       }
  45     if (array_key_exists('maxlength', $def)) {
  46       $value = substr($value, 0, $def['maxlength']);
  47     }
  48     break;
  49
  50     case 12:
  51       //date
  52       $value = CRM_Utils_Type::escape($value,"Date",false);
  53       if (!$value)
  54         return civicrm_api3_create_error("Param '$field' is not a date. format YYYYMMDD or YYYYMMDDHHMMSS");
  55       break;
  56
  57     case 16:
  58       //boolean
  59       $value = (boolean) $value;
  60       break;
  61
  62     default:
  63       return civicrm_api3_create_error("Param '$field' is of a type not managed yet (".$def['type']."). Join the API team and help us implement it", array('error_code' => 'NOT_IMPLEMENTED'));
  64   }
  65
  66   if (CRM_Core_DAO::setFieldValue(_civicrm_api3_get_DAO($entity), $id, $field, $value)) {
  67     $entity = array('id' => $id, $field => $value);
  68     CRM_Utils_Hook::post('edit', $entity, $id, $entity);
  69     return civicrm_api3_create_success($entity);
  70   }
  71   else {
  72     return civicrm_api3_create_error("error assigning $field=$value for $entity (id=$id)");
  73   }
  74 }
  75